|Publication number||US6556680 B1|
|Application number||US 09/367,530|
|Publication date||Apr 29, 2003|
|Filing date||Feb 5, 1998|
|Priority date||Feb 19, 1997|
|Also published as||CA2281816A1, CA2281816C, CN1140087C, CN1248367A, DE69838974D1, EP0962071A1, EP0962071B1, WO1998037663A1|
|Publication number||09367530, 367530, PCT/1998/206, PCT/SE/1998/000206, PCT/SE/1998/00206, PCT/SE/98/000206, PCT/SE/98/00206, PCT/SE1998/000206, PCT/SE1998/00206, PCT/SE1998000206, PCT/SE199800206, PCT/SE98/000206, PCT/SE98/00206, PCT/SE98000206, PCT/SE9800206, US 6556680 B1, US 6556680B1, US-B1-6556680, US6556680 B1, US6556680B1|
|Original Assignee||Telefonaktiebolaget L M Ericsson|
|Export Citation||BiBTeX, EndNote, RefMan|
|Patent Citations (9), Referenced by (23), Classifications (37), Legal Events (7)|
|External Links: USPTO, USPTO Assignment, Espacenet|
1. Field of the Invention
The present invention relates to a method for checking the authorization of a person, in his/her capacity as user of a system such as a payment system or a data system.
2. Description of the Related Art
Systems now in existence are used to check the authorization of a person in connection with payment. One such system is used within the Swedish Postal Service for payments made via postgiro. In accordance with this system, the customer receives a so-called SmartCard and a card reader for it. An encryption key is stored on the SmartCard, and it can be read by a microprocessor on the SmartCard after a PIN code has been entered.
The encryption key is stored hot only on the SmartCard, but also at the Swedish Postal Service postgiro department where it is linked to a specific person.
When a payment is to be made, the user keys in the PIN code, the number of the account to, which the payment is to be sent and the amount in question. The microprocessor performs a calculation based on the amount, the account number and the encryption key in accordance with the so-called DES (Data Encryption Standard) algorithm, wherewith a signature is generated by the calculation. After this is done, the amount, the account number and the signature are transferred to the postgiro department in a suitable manner, via data, mail or fax, for example.
The postgiro department receives the information and then performs the same calculation as set forth above and compares the result with the signature that was transferred. If the comparison results in a match, an authorized person, i.e., the holder of the SmartCard, is deemed to have ordered the transaction, wherewith the transaction is executed. The transaction is executed by transferring money from the postgiro account of the SmartCard holder to the specified postgiro account to which the payment is to be made.
This payment system is automatic, and it can be used to make payments at any time of day or night.
Desirably, it should be possible for the described system to be used by a person to show authorization for use of a system other than a postgiro or bank payment system. For example, it should be possible for a person to show authorization for accessing a data system by entering his/her PIN code and two numbers other than an amount and account number, and then transferring them together with the signature to the data system. If the data system contains the encryption key the signature can be calculated, and if a match is found the person to whom the SmartCard has been issued can be deemed to be the person who entered the items of information and is therefore authorized to access the data system.
However, a significant disadvantage of the described system is that the user must have access to a SmartCard and a special card reader in order make a payment.
The present invention solves this problem.
The present invention thus relates to a method for checking authorization that incorporates a way to impart to a so-called smart card (SmartCard) an encryption key or equivalent key, and incorporates a way to have a microprocessor, using the encryption key and at least one identifying number, perform a calculation whose result comprises a signature. The signature together with the identifying number is transferred to a system for which authorization is to be shown. The system includes a computer in which the encryption key is stored, and the computer performs the calculation in order to obtain the signature. The system-computer-obtained signature is compared by the computer with the previously mentioned transmitted signature to verify authorization of the user. The smart card is a so-called SIM-card (Subscriber Identity Module) telephony. A memory included on the SIM-card is, in a first step, provided with unique information containing a unique identity in order to communicate telephonically using a mobile telephone. In in a second step, the SIM-card memory is provided with the encryption key. A system for which authorization is to be shown is provided with the same encryption key linked to the unique identity carried on the SIM-card, and in response to the entry of an appropriate code and at least the identifying number via the keyboard on the mobile telephone, a microprocessor on the SIM-card is induced to perform the calculation resulting in the signature.
The present invention is not limited to any special field with regard to showing authorization. Instead, it is applicable for all kinds of systems such as payment systems, data systems, systems that check authorization before allowing entrance etc.
The description of the present invention that follows, however, is for a system that provides payment via postgiro.
The system is described in greater detail below, partially in connection with an example of an embodiment shown on the attached drawing, where:
FIG. 1 shows the included hardware schematically.
FIG. 2 shows a SIM-card.
FIG. 3 shows a schematic view of a block diagram for which a function is described.
FIG. 4 shows a schematic view of a block diagram for which another function is described.
FIG. 1 shows a mobile telephone 1 of an appropriately known type which is intended for use in a GSM system or an equivalent telephone system where a so-called smart card (Smartcard) is used together with the mobile telephone to form a usable communication unit. In the GSM system, the smart card is a SIM-card. The mobile telephone includes a keyboard 2 and a display 3.
FIG. 1 also shows a telephone system base station 4 for wireless communication with mobile telephone 1. In addition, a computer 5 is shown which belongs to the system with which the mobile telephone is to communicate.
FIG. 2 also shows a SIM-card 6 that incorporates a microprocessor 7 together with its memory.
The present invention relates to a method for checking authorization of a user to access and to conduct transactions on a remote, data-containing system, wherewith a so-called smart card (SmartCard) is provided with an encryption key KEY or an equivalent key, and wherewith a microprocessor 7 is induced to perform, based on the encryption key and at least one identifying number that is unique to the user. A calculation whose result comprises a signature. The identifying number is entered into the microprocessor from a keyboard. The signature, together with the said identifying number, is then transmitted to a system for which authorization is to be shown, which system includes a computer 5 in which said encryption key has been stored. Computer 5 is induced to perform the said calculation to obtain the said signature. Computer 5 then compares this latter computer-obtained signature with the first-mentioned transmitted signature. If the two signatures match, authorization of the user is verified.
The method is thus based on the user having a SmartCard that incorporates an identity unique to the user and an encryption key. It is presupposed that only the user him/herself will use the SmartCard.
In accordance with the invention, the said smart card is a so-called SIM-card 6 intended for mobile telephony. In a first step, unique information that includes a unique identity (IMSI as set forth in the GSM standard) is entered into memory 7 in said SIM-card 6 in such a way as to support telephonic communication using a mobile telephone. This appropriately takes place in the same as way as presently being used in the GSM system.
In a second step, the memory in SIM-card 6 is provided with the said encryption key. This memory can be the existing memory 7 or an extra memory. This is accomplished in a way that corresponds with the way the previously mentioned identity was entered, but it should preferably be carried out by the person who controls the system for which authorization is to be shown.
In accordance with the invention, the system for which authorization is to be shown is provided with the same encryption key linked to an identity for the SIM-card. Here, for example, the IMSI used for the SIM-card can serve as its unique identity ID. Alternatively, the encryption key in the said system can be linked to some other identity such as the user's telephone number, a customer number or a name what is essential is that the system must later be able to retrieve the correct encryption key for a specified user.
The invention is further characterized in that when a suitable code is entered along with at least the said identifying number via keyboard 2 on mobile telephone 1, a microprocessor on the said SIM-card is induced to perform the said calculation resulting in the said signature. The microprocessor can be the regular microprocessor that is normally incorporated into the SIM-card, but it can also be a separate microprocessor on the SIM-card. In the latter case, however, the separate microprocessor is linked to regular microprocessor 7 on the SIM-card.
The term “suitable code” means, for example, a code that is entered in order to put the mobile telephone in a mode in which the microprocessor is induced to proceed with calculation of the signature.
Obviously, then, it suffices to have a mobile telephone and to be able induce a microprocessor in a SIM-card to perform a calculation using an encryption key to obtain an electronic signature that can be transferred to a system for which authorization is sought. The system conducts an equivalent calculation, thereby determining whether or not authorization can be verified. As a result, no other equipment is needed to show authorization, as mentioned in the introduction.
After authorization has been verified in the aforesaid manner, the mobile telephone can be used to have the system perform services such as making payments in situations where the system is, for example, part of a postgiro system.
In accordance with a preferred embodiment, the said identifying number includes identifying at least two identifying numbers. This improves security significantly. When the invention is applied to perform payments made via postgiro, for example, one of the numbers can comprise the number of the account that is to receive a payment while the other can comprise the amount to be paid.
This is illustrated in FIG. 3 by numbers D1 and D2 which are sent to the microprocessor in the mobile telephone via the keyboard on the mobile telephone. When the numbers are entered, the microprocessor retrieves the encryption key KEY from memory MEM and conducts the aforesaid calculation which results in said signature SIG.
In accordance with a preferred embodiment, the signature calculated by the mobile telephone together with at least the said identifying numbers is caused to be transferred via mobile telephone network base station 4 to said system.
In accordance with an alternative embodiment, the signature calculated by the mobile telephone together with at least the said identifying numbers is caused to be transferred directly from the mobile telephone to said system via an interface between the mobile telephone and the system such as a computer 5 belonging to the system. The interface can include a cable 8 or an infrared link or some other suitable link.
In accordance with a preferred embodiment, the mobile telephone is caused to present the calculated signature on the mobile telephone display. In such case, the user can, for example, enter the said identifying numbers and signature on a keyboard belonging to a computer that belongs to the system.
In accordance with a highly preferred embodiment, a special PIN code is assigned to the SIM-card in such a way that it can be used to enable the card for said calculation of the signature. This further enhances security since the user must a) know his/her PIN code to start the mobile telephone and b) know his/her PIN code to access and start the calculation process used to obtain the electronic signature.
To facilitate the making of correct payments, for example, and in accordance with a preferred embodiment, the mobile telephone is caused to present the said identifying numbers on its display. An account number and an amount, for example, can be displayed before the signature is calculated.
When the signature has been calculated, data is thus transferred to the system. Herewith, as illustrated in FIG. 4, a separate user identity ID, such as a telephone number, an IMSI or some other identity, is always transferred. Signature SIG is also always transferred. Moreover, at least one identifying number D1 or D2 is always transferred. If payments are involved, account number D1 and amount D2 are transferred. When this has happened, the system computer 5 retrieves the encryption key KEY that is linked to identity ID from a memory MEM and then calculates the signature. When this is done, the computer compares the, computer calculated signature with the signature SIG that was transferred from the mobile telephone. If the two signatures match, the user is deemed to have shown his/her authorization, whereupon payment 9 is made.
To further enhance security, a serial number can be included as one of the said identifying numbers. If payments are involved, calculation is then performed on the basis of an account number, to an amount and a serial number. The serial number can range from 00 to 99. When the first payment is made, serial number 00 is used, when the second payment is made serial number 01 is used and so forth. Correspondingly, the system increments the serial number by counting the number of payment transactions originating from the same user.
This means that each payment transaction generates a unique signature even if the same amount is paid to the same account number more than once.
It is obvious that the present invention, by using a mobile telephone, permits authorization to be checked vis-a-vis an arbitrary system. It also permits payments via postgiro or a bank at any time of day or night with excellent security and without requiring any extra equipment beyond a mobile telephone.
A number of different embodiments have been described above. However, it is obvious that the identifying numbers on which calculation of the signature is based can be numbers other than those exemplified above. Moreover, information in addition to what is set forth above can be transferred from the mobile telephone to the system in order to verify authorization.
The present invention shall thus not be considered limited to the embodiments set forth above. Instead it can be varied within the scope set forth in the attached claims.
|Cited Patent||Filing date||Publication date||Applicant||Title|
|US5283828 *||Feb 19, 1993||Feb 1, 1994||Hughes Training, Inc.||Architecture for utilizing coprocessing systems to increase performance in security adapted computer systems|
|US5327497 *||Jun 4, 1992||Jul 5, 1994||Integrated Technologies Of America, Inc.||Preboot protection of unauthorized use of programs and data with a card reader interface|
|US5335278 *||Dec 31, 1991||Aug 2, 1994||Wireless Security, Inc.||Fraud prevention system and process for cellular mobile telephone networks|
|US5596718 *||Jul 10, 1992||Jan 21, 1997||Secure Computing Corporation||Secure computer network using trusted path subsystem which encrypts/decrypts and communicates with user through local workstation user I/O devices without utilizing workstation processor|
|EP0708547A2||Sep 14, 1995||Apr 24, 1996||AT&T Corp.||Cellular telephone as an authenticated transaction controller|
|WO1994011849A1||Nov 11, 1993||May 26, 1994||Harri Tapani Vatanen||Mobile telephone systems and a method for carrying out financial transactions by means of a mobile telephone system|
|WO1996005702A2||Jun 7, 1995||Feb 22, 1996||Motorola Inc||Method and apparatus for authentication in a communication system|
|WO1996013814A1||Oct 25, 1995||May 9, 1996||Behruz Vazvan||Real time tele-payment system|
|WO1996032700A1||Mar 29, 1996||Oct 17, 1996||Au System||Improvements in or relating to electronic wallets|
|Citing Patent||Filing date||Publication date||Applicant||Title|
|US6760841 *||May 1, 2000||Jul 6, 2004||Xtec, Incorporated||Methods and apparatus for securely conducting and authenticating transactions over unsecured communication channels|
|US6847816 *||Nov 16, 2000||Jan 25, 2005||Sagem, Sa||Method for making a payment secure|
|US6977577 *||May 4, 2001||Dec 20, 2005||Cp8 Technologies||Method for authenticating a portable object, corresponding portable object, and apparatus therefor|
|US7032047 *||Mar 12, 2001||Apr 18, 2006||Motorola, Inc.||Method of regulating usage and/or concession eligibility via distributed list management in a smart card system|
|US7487547 *||Oct 11, 2002||Feb 3, 2009||Matsushita Electric Industrial Co. Ltd.||Content processing apparatus and content protection program|
|US7490062 *||Jan 2, 2001||Feb 10, 2009||International Business Machines Corporation||Method of payment by means of an electronic communication device|
|US7747867 *||Dec 4, 2003||Jun 29, 2010||Lg Electronics Inc.||User authentication method for a remote control apparatus and a remote control apparatus|
|US7832016 *||Mar 15, 2004||Nov 9, 2010||Robert Bosch Gmbh||Microprocessor system and method for detecting the exchange of modules of the system|
|US7885686 *||Feb 26, 2002||Feb 8, 2011||Nokia Corporation||Electronic transactions|
|US7926713 *||Feb 16, 2007||Apr 19, 2011||Sony Corporation||Settlement server, settlement request server and settlement execution terminal|
|US8447359||Dec 30, 2010||May 21, 2013||Nokia Corporation||Electronic transactions|
|US8825928 *||Oct 9, 2003||Sep 2, 2014||Vodafone Group Plc||Facilitating and authenticating transactions through the use of a dongle interfacing a security card and a data processing apparatus|
|US20010016835 *||Jan 2, 2001||Aug 23, 2001||Uwe Hansmann||Method of payment by means of an electronic communication device|
|US20040153419 *||May 28, 2002||Aug 5, 2004||Jean-Philippe Wary||Method and device for the certification of a transaction|
|US20040186995 *||Dec 4, 2003||Sep 23, 2004||Lg Electronics Inc.||User authentication method for a remote control apparatus and a remote control apparatus|
|US20040225776 *||Mar 12, 2001||Nov 11, 2004||Motorola, Inc.||Method of regulating usage and/or concession eligibility via distributed list management in a smart card system|
|US20040260923 *||Oct 11, 2002||Dec 23, 2004||Shinichi Nakai||Content processing apparatus and content protection program|
|US20040260938 *||Mar 15, 2004||Dec 23, 2004||Jochen Weber||Microprocessor system and method for detecting the exchange of modules of the system|
|US20050178060 *||Apr 11, 2005||Aug 18, 2005||Weder Donald E.||Collapsible and/or erectable floral containers|
|US20050246957 *||Jul 8, 2005||Nov 10, 2005||Weder Donald E||Collapsible and/or erectable floral containers|
|US20070226805 *||Oct 9, 2003||Sep 27, 2007||David Jeal||Facilitating And Authenticating Transactions|
|CN100505927C||Oct 22, 2004||Jun 24, 2009||北京握奇数据系统有限公司||Dynamic password identification method|
|WO2006040478A2 *||Oct 12, 2005||Apr 20, 2006||David Bensimon||Customisable secure system for recognising and conditionally using electric devices and method for use|
|U.S. Classification||380/247, 713/168, 726/20, 713/182, 726/19, 713/161|
|International Classification||G06Q20/00, H04L9/32, H04M1/675, G09C1/00, H04M11/00, H04M1/00, G07F7/10, H04W12/10|
|Cooperative Classification||H04L9/3226, H04L2209/56, H04L9/3247, H04L2209/80, H04L9/3234, G06Q20/40, G06Q20/341, G07F7/082, G07F7/1008, G06Q20/3825, G06Q20/32, H04L63/123, G06Q20/4097, H04W12/10|
|European Classification||G06Q20/32, G06Q20/40, G06Q20/341, G07F7/08A2B, G06Q20/3825, G06Q20/4097, H04L9/32, H04W12/10, G07F7/10D|
|Dec 8, 1999||AS||Assignment|
|Oct 30, 2006||FPAY||Fee payment|
Year of fee payment: 4
|Oct 29, 2010||FPAY||Fee payment|
Year of fee payment: 8
|Jan 24, 2014||AS||Assignment|
Owner name: HIGHBRIDGE PRINCIPAL STRATEGIES, LLC, AS COLLATERA
Free format text: LIEN;ASSIGNOR:OPTIS WIRELESS TECHNOLOGY, LLC;REEL/FRAME:032180/0115
Effective date: 20140116
|Feb 19, 2014||AS||Assignment|
Owner name: CLUSTER, LLC, DELAWARE
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:TELEFONAKTIEBOLAGET L M ERICSSON (PUBL);REEL/FRAME:032285/0421
Effective date: 20140116
Owner name: OPTIS WIRELESS TECHNOLOGY, LLC, TEXAS
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:CLUSTER, LLC;REEL/FRAME:032286/0501
Effective date: 20140116
|Mar 12, 2014||AS||Assignment|
Owner name: WILMINGTON TRUST, NATIONAL ASSOCIATION, MINNESOTA
Free format text: SECURITY INTEREST;ASSIGNOR:OPTIS WIRELESS TECHNOLOGY, LLC;REEL/FRAME:032437/0638
Effective date: 20140116
|Oct 29, 2014||FPAY||Fee payment|
Year of fee payment: 12